Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

851w with public static pool and internal dhcp pool

My boss wanted to get rid of one internet connection and use the 851w ios 12.4(4)-T4 for both networks. I had configured an 871w with multiple vlans so I thought I could do the same on the 851w. My fault for not doing more research first. So we have a new internet connection and we were provided a .252 address for the gateway and then another /29 network of public ip's for our use. We also have on the 851w 2 aironet 1200's running off of 192.168.1 addresses. I've looked at ip nat static with the public ip range going to the ethernet ports but the how do I connect the wireless 1200's up? Can I use a couple public ip's from the pool and still distribute internal 192.168.1 addresses for wireless? Just to add a little more info one of the ip public addresses will be connected to a nortel vpn concentrator. I'm locked into using the nortel unit. There are approximately 100 wireless users. I was also looking at using a Cisco RV042 4 port in front of this 851w but I couldn't find info on how many vlans it will support. Any feedback greatly appreciated Kent.

851w current config

Building configuration...

Current configuration : 5758 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec

localtime show-timezone
service timestamps log datetime msec

localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname x
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret
!
no aaa new-model
!
resource policy
!
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003

2:00 Oct 26 2003 2:00
ip subnet-zero
no ip source-route
no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.1.1

192.168.1.9
ip dhcp excluded-address 192.168.1.251

192.168.1.254
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.1.0 255.255.255.0
   domain-name x
   default-router 192.168.1.1
   dns-server 208.67.222.222 208.67.220.220
!
!
ip cef
ip tcp synwait-time 10
no ip bootp server
ip domain name yourdomain.com
ip name-server 208.67.222.222
ip name-server 24.177.176.36
ip name-server 208.67.220.220
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
edit...
crypto pki t

  quit
username admin
!
!
!
bridge irb
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $FW_OUTSIDE$$ES_WAN$$ETH-WAN$
ip address isp addy
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
!
ssid x
    authentication open
    guest-mode
    infrastructure-ssid optional
!
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0

18.0 24.0 36.0 48.0 54.0
no preamble-short
channel 2437
station-role root
no dot11 extension aironet
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC

4ESW$$FW_INSIDE$
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
!
ip classless
ip route 0.0.0.0 0.0.0.0 isp addy permanent
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400

requests 10000
ip nat inside source list 1 interface

FastEthernet4 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner exec ^C

!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

Message was edited by: Kent Watkins edit for typo rv042 not rv024

Everyone's tags (1)
758
Views
0
Helpful
0
Replies
CreatePlease to create content